Skills
skills/forjd/agent-skills/pr-review-actioner/Gen Agent Trust Hub

pr-review-actioner

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes pull request comments authored by external reviewers which can influence the agent's behavior.
  • Ingestion points: The gh api graphql command in SKILL.md (Step 2) fetches unresolved review threads and the text of their comments.
  • Boundary markers: Absent. There are no instructions to use delimiters or to treat comment content as untrusted data during the triage phase.
  • Capability inventory: The skill has the ability to read and modify local files, execute git commit and git push (Step 5), and post new comments to GitHub via gh api (Step 6).
  • Sanitization: No explicit sanitization or filtering is applied to the comment body before it is interpreted by the agent.
  • [COMMAND_EXECUTION]: The skill executes local commands to interact with the repository and GitHub's API.
  • Commands include gh pr view, gh api, git add, git commit, and git push as documented in SKILL.md.
  • These operations are used for the intended purpose of synchronizing code changes with the remote repository after addressing review feedback.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 11:56 PM